Shor t TakesRoth: The scenarios run the gamut of what a possi-ble threat could be. Normally at the beginning of theprocess is a risk assessment of an organization, oran organization comes to us with a risk assessmentof their most imminent threats. That threat doesn’thave to be a severe disaster or involve loss of life.Certainly a data breach can be economically dev-astating for a company or a small business. Someof the exercises we’ve done over the past decadehave been private-public partnership exercises. Forexample an objective like where a military installa-tion wants to get along better with the surroundingcommunity and find a way to share resources. In away we use the same structure to tackle these com-plex problems and the exercise allows a group ofindividuals to work through it.

Consulting: How ready are most organizations interms of disaster management preparedness?

Roth: I think what we’re seeing now is organizations are
very aware of preparedness. Certainly from a military
or government agency perspective it’s almost built into
their mission statement. A big part of their existence is
to be able to provide their services at a steady state as
well as during a crisis situation. Then the organizations
have plans for continuity of operations to physically or
virtually move from one location to another so they can
provide them. In the same way, the private industries
have in a way modeled themselves after some of those
best practices from the military and government. If a
business is taken offline by a cyber attack, even for a
few days, the loss of revenue could be catastrophic for
that company. I think nowadays because the state of the
world seems to at every turn throw us a new challenge,
a new threat, people have become more prepared.